An unnamed 17-year-old computer hacker from Devon has now pleaded guilty to seven charges under the Computer Misuse Act for hacking the British telco TalkTalk earlier this year.
Unfortunately he is not alone. He is just one example of tech-savvy teens in need of guidance.
Safeguarding critical systems and networks is becoming more important for businesses than ever before. Encouraging tech-savvy young people to join the next generation of cyber-security warriors needs to be front of mind too, if companies are to face up to the burgeoning skills gap that needs to be closed.
But are businesses providing a clear path and motivation for them to turn their innate curiosity and technical ability into a source for fighting cybercrime?
Recent cases such as the above would suggest not, with many young people tempted to use their skills for criminal intent, by engaging in the development, rather than the prevention, of cyber-threats.
The skills shortfall
In the wake of high-profile hacks such as those on Yahoo, Sony and Sage, businesses are increasing their spending on security. However, this isn’t translating into developing the necessary resources and skills to fight cyber-threats long term.
According to Frost & Sullivan’s Global Information Security Workforce study, by 2020 the shortfall of qualified cyber-security professionals is expected to reach some 1.5m.
But the effects are being felt now, with just under half (48 per cent) of cyber-security staff citing a shortage of professionals as a key reason for data breaches and for “heavily impacting” customers.
The next generation
Recent research conducted by Kaspersky found that just over half (57 per cent) of under-25s across the globe consider the ability to hack computers an “impressive” skill to possess.
The same survey found that one in five under-25s (20 per cent) knew people who were actively engaged in criminal cyber-activities such as hacking, rising incrementally to just below a quarter (23 per cent) of 18 year olds.
The dark side
So how can businesses build on this obvious interest before it leads bright and inquisitive minds to dabble in the dark side, and use their skills for criminal gain?
A key part of the problem is the failure by businesses to provide a clear route into a career in cyber-security. What is needed now more than ever is a joined up approach between employers and education, to equip and develop the skills of a tech-hungry generation.
It must be easier and more attractive for these skilled young people to enter the field, before they’re led astray. Although businesses complain that new entrants do not have the hands-on cyber-security skills and the experience they need, very few currently offer entry-level roles or internships that can help harness talent and develop those skills. This needs to change.
The always-on, younger generation has the highest awareness of cyber-risk, but is also the most likely to engage in high risk cyber-activity. The interests of these people need to be channelled now, encouraging them to use their cyber-skills for the greater good, before it’s too late and too many of them are drawn to the “dark” side.